package com.gitee.jmash.oidc.client.oauth;

import org.eclipse.microprofile.config.inject.ConfigProperties;
import com.gitee.jmash.common.utils.BasicAuthzUtil;
import com.gitee.jmash.oidc.client.oauth.models.AuthCodeTokenResp;
import com.gitee.jmash.oidc.client.oauth.models.UserInfoResp;
import jakarta.enterprise.context.ApplicationScoped;
import jakarta.inject.Inject;
import jakarta.ws.rs.core.Form;


@ApplicationScoped
public class OidcClient {


  @Inject
  @ConfigProperties
  OidcProps oidcProps;

  /**
   * 创建获取code的URL地址.
   */
  public String authCodeUrl(String responseType,String scope, String state, String redirectUri) {
    StringBuffer url = new StringBuffer(oidcProps.getUrl());
    url.append("/authorize?response_type="+responseType);
    url.append("&scope=" + scope);
    url.append("&client_id=" + oidcProps.getClientId());
    url.append("&state=" + state);
    url.append("&redirect_uri=" + redirectUri);
    return url.toString();
  }
  
  
  


  /**
   * 通过Code换取Token.
   */
  public AuthCodeTokenResp authCodeToken(String code) {
    Form form = new Form();
    form = form.param("code", code);
    form = form.param("grant_type", "authorization_code");
    String authorization =
        BasicAuthzUtil.encodeBasicAuthz(oidcProps.getClientId(), oidcProps.getClientSecret());
    AuthCodeTokenResp resp = RestClientUtil.doPostForm(oidcProps.getUrl(), "/token", form,
        AuthCodeTokenResp.class, authorization);
    return resp;
  }

  /**
   * 获取用户信息.
   */
  public UserInfoResp userInfo(String accessToken) {
    Form form = new Form();
    form = form.param("access_token", accessToken);
    String authorization =
        BasicAuthzUtil.encodeBasicAuthz(oidcProps.getClientId(), oidcProps.getClientSecret());
    UserInfoResp resp = RestClientUtil.doPostForm(oidcProps.getUrl(), "/userinfo", form,
        UserInfoResp.class, authorization);
    return resp;
  }

  /**
   * RefreshToken 换取Token.
   */
  public AuthCodeTokenResp refreshToken(String refreshToken, String scope) {
    Form form = new Form();
    form = form.param("grant_type", "refresh_token");
    form = form.param("refresh_token", refreshToken);
    form = form.param("scope", scope);
    String authorization =
        BasicAuthzUtil.encodeBasicAuthz(oidcProps.getClientId(), oidcProps.getClientSecret());
    AuthCodeTokenResp resp = RestClientUtil.doPostForm(oidcProps.getUrl(), "/token", form,
        AuthCodeTokenResp.class, authorization);
    return resp;
  }

  /**
   * 密码登录获取Token.
   */
  public AuthCodeTokenResp passwordToken(String username, String password) {
    Form form = new Form();
    form = form.param("grant_type", "password");
    form = form.param("username", username);
    form = form.param("password", password);
    String authorization =
        BasicAuthzUtil.encodeBasicAuthz(oidcProps.getClientId(), oidcProps.getClientSecret());
    AuthCodeTokenResp resp = RestClientUtil.doPostForm(oidcProps.getUrl(), "/token", form,
        AuthCodeTokenResp.class, authorization);
    return resp;
  }

  /**
   * 获取客户端Token.
   */
  public AuthCodeTokenResp clientToken(String scope) {
    Form form = new Form();
    form = form.param("grant_type", "client_credentials");
    form = form.param("scope", scope);
    String authorization =
        BasicAuthzUtil.encodeBasicAuthz(oidcProps.getClientId(), oidcProps.getClientSecret());
    AuthCodeTokenResp resp = RestClientUtil.doPostForm(oidcProps.getUrl(), "/token", form,
        AuthCodeTokenResp.class, authorization);
    return resp;
  }

}
